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Claim for Priority 

This application claims priority to International Application No. 
PCT/DEOO/00827 which was pubhshed in the German language on March 19, 1999. 

Page 1, between lines 7 and 8 please insert the following heading: 

TRCHNICAL FIELD OF THE INVENTION 
Please replace the paragraph beginning on line 8 of page 1 with the following 
rewritten paragraph: 

The present invention relates to a method for checking the authenticity of a 
manager apphcation in a telecommunications management network operating system 
and to an associated network. 

Page 1, between lines 15 and 16 please insert the following heading: 
BACKGROUND OF THE INVENTION 

Please replace the paragraph beginning on line 16 of page 1 with the following 
rewritten paragraph: 

Switching devices, also referred to as network elements, are 
used as nodes in a telecommunications network in order to coordinate the information 
flow in such networks. The network elements are managed by a specific operating 
system, the TMN-OS. For this purpose, they are connected together with the operating 
system to a specific management network, which is referred to as the 
telecommunications management network (TMN). The network elements are 
managed by the operating system TMN-OS communicating with the network elements 
via the TMN. 
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Please replace the paragraph beginning on line 1 of page 2 with the following 
rewritten paragraph: 

At the start of or during the handling of a communication protocol, it is 
possible to provide for the authenticity of a manager apphcation to be checked by a 
network element. To do this, the manager apphcation desiring to set up a link to the 
network element must prove, i.e. authenticate, that it is the manager application which 
it claims to be. 

Please replace the paragraph beginning on line 27 of page 2 with the following 
rewritten paragraph: 

In addition to these various protocol-specific authentication data items, a 
number of checking mechanisms, which are referred to as authentication types, are 
generally provided for each communication protocol, for carrying out the 
authentication check as shown in Figure 2.-According to Figure 2, for the Q3 
communication protocol for example, these are a simple password mechanism, a 
replay protected password mechanism, a pure identification, or a challenge and 
response method. 

Please replace the paragraph beginning on line 1 of page 3 with the following 
rewritten paragraph: 

This means that, before each authentication check, one of the available 
authentication types must be selected to carry out that particular authentication check. 
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Please replace the paragraph beginning on line 6 of page 3 with the following 
rewritten paragraph: 

Conventionally, there are various software programs, which are referred to as 
protocol-specific applications, for each communication protocol (and in some cases 
these even have different operator interfaces (MML, Q3)) for managing the 
authentication data and the authentication types. 

On page 3, between lines 12 and 13 please insert the following heading and paragraphs: 
SUMMARY OF THE INVENTION 

In one embodiment of the invention, there is a method for checking the authenticity of 
a manager application in a telecommunications management network operating system 
(TMN-OS). The method includes, for example, transmitting a communication-protocol- 
specific authentication data from the manager application via a telecommunication 
management network (TMN) to a network element while handling a communication protocol, 
the communication protocol-specific authentication data used by the network element to 
check the authenticity of the manager application, and checking the authenticity of the 
manager appUcation by comparing the communication protocol-specific authentication data 
with predetermined authentication data, wherein authentication checking is carried out 
centrally in an authenticity checking device for various communication protocols, and 
authentication data for the communication protocols used are stored centrally in an 
authentication databank. 

In another aspect of the invention, there is a method that includes managing the central 
authentication databank by a dedicated communication protocol 
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In another aspect of the invention, the method includes the communication protocols 
Q3, FT AM, FTP or MML protocol. 

ha yet another aspect of the invention, the method includes authentication checking for 
each individual communication protocol is carried out centrally in the authenticity checking 
device using different authentication types. 

hi one embodiment of the invention, there is a network element in a 
telecommunications network, the network element managed by a telecommunications 
management network operating system (TMN-OS) via a telecommunications management 
network (TMN). The method includes, for example, at least one agent application for 
receiving communication-protocol-specific authentication data via the TMN jfrom an 
associated manager application in the TMN-OS, the authentication data used to check the 
authenticity of the associated manager application, and an authenticity checking device to 
receive the communication protocol-specific authentication data fi-om the agent application 
and to check the authenticity of the manager application by comparing the communication 
protocol-specific authentication data with predetermined authentication data, wherein the 
authenticity checking device carries out the authentication checking centrally for various 
commxmication protocols, and the authentication data for the commimication protocols used 
are stored centrally in an authentication databank. 

hi another aspect of the invention, the method includes the network element wherein 
the network element has a management device which manages the central authentication 
databank. 

hi another aspect of the invention, the method includes the network element wherein 
the management device is coupled to the TMN via a dedicated agent application and is 
controlled by the TMN-OS. 



dc-279850 



5 



Brief Description of the Drawings 

The following text includes a detailed description of an exemplary embodiment of the 
invention, with reference to the attached figures. 

Figure 1 shows a TMN as a connecting network between a TMN-OS and a 
network element according to the present invention. 

Figure 2 shows a tabular association between communication protocols and 
respective possible authentication types. 

On page 3, before the paragraph beginning on line 13, please insert the following 
heading: 

Detailed Description of the Preferred Embodiments 
Please replace the paragraph beginning on line 13 of page 3 with the following 
rewritten paragraph: 

The method provides a simpler method than the conventional method for a 
network element to check the authenticity of a manager appHcation and to provide a 
network element which is suitable for this purpose, in which method and network 
element the various protocol-specific appUcations for managing the authentication 
data are superfluous. 

Please delete the paragraph beginning on line 21 of page 3 in its entirety. 

Please replace the paragraph beginning on line 26 of page 3 with the following 
rewritten paragraph: 
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According to the invention, the authentication check is carried out centrally in 
an authentication checking device in the network element for various manager 
applications, that is for various communication protocols. The authentication 
checking device accesses an authentication databank in which the various 
authentication data for the communication protocols used are stored centrally. 

Please replace the paragraph beginning on line 31 of page 4 with the following 
rewritten paragraph: 

hi a preferred embodiment of the checking method according to the invention, 
authentication checking is carried out centrally in the network element not only for 
each individual communication protocol, but also for different authentication types. 
This centralization also saves costly commxmication-protocol-specific individual 
solutions. 

Please replace the paragraph beginning on Une 1 of page 5 with the following 
rewritten paragraph: 

Finally, for the network element designed for carrying out the method, it is 
advantageous for the central authentication databank to be managed by a management 
device which is controlled by the TMN-OS via a dedicated agent application within 
the network element. Jn addition to saving conmiunication-protocol-specific individual 
solutions for managing the communication-protocol-specific authentication data, this 
embodiment allows decoupling of telecommunication-specific communication and 
management communication between the TMN-OS and the network element. 
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Please delete the paragraph begiiming on line 10 of page 6 in its entirety. 
Please delete the paragraph beginning on line 14 of page 6 in its entirety. 
Please delete the paragraph beginning on line 18 of page 6 in its entirety. 

Please replace the paragraph beginning on line 22 of page 6 with the following 
rewritten paragraph: 

A network element in a communications network is managed by a 
telecommimications management network operating system (TMN-OS). Figure 1 
shows the coupling of the network element to the TMN-OS via a TMN that is required 
for this purpose. The TMN-OS has a large number of manager applications 50, 
60... 100, which are implemented either in hardware, or_preferably in software. One or 
more of these manager apphcations can then run on a computer. 

Please replace the paragraph beginning on line 32 of page 6 with the following 
rewritten paragraph: 

The network element in each case has a corresponding mating part, which is 
referred to as an agent apphcation 55, 65. ..105, in the TMN-OS for each manager 
application. Using these agent applications, the network element communicates via the 
TMN with the manager applications 50, 60.. .100 in the TMN-OS. Each manager 
application communicates with its associated agent apphcation in the form of an 
individual communication protocol. In this case, the following associations are 
possible, according to Figure 1 : the File Transfer Access Management (FT AM) 
manager apphcation 50 communicates with the FTAM agent application 55; the File 
Transfer Protocol (FTP) manager application 60 communicates with the FTP agent 
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application 65; the Man Machine Language (MML) manager appHcation 70 
communicates with the MML agent appUcation 75; and the Q3 manager appHcations 
80, 100 communicate with the Q3 agent apphcations 85, 105 in the network element. 

Please replace the paragraph beginning on line 24 of page 6 with the following 
rewritten paragraph: 

In the course of the unilateral authentication check shown in Figure 1, a 
manager application 50, 60... 100 which wishes to set up a connection to the network 
element initially sets up the protocol elements required for carrying out the 
authentication check. The check is carried out as a function of its communication 
protocol, its initiators and a selected authentication type, and sends these to the 
network element. These protocol elements are then received and evaluated by the 
network element. During the evaluation process, the authentication data required for 
carrying out the authentication check is, in particular, filtered out of the protocol 
elements. Each of the communication protocols used, for example the FT AM, FTP, 
MML or Q3 communication protocol, has its own dedicated authentication data. 

Please replace the paragraph beginning on line 35 of page 7 with the following 
rewritten paragraph: 

With regard to future communications between the TMN-OS and the network 
element, authentication data for a protocol which is to be used are initially stored in 
the central authentication databank 10. This is done in such a way that a Q3 manager 
application requests a Q3 management device 30 within the network element to enter 
the initiator "HUGO" in the central authentication databank 10, for example for future 
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communication using the FTAM protocol, and such that this uses the "simple 
password mechanism" authentication type for authentication and such that its 
identification word is "ABCD1#". 

Please replace the paragraph beginning on line 15 of page 9 with the following 
rewritten paragraph: 

From the FTAM agent application 55 in the network element, it receives the 
information that the FTAM manager application 50 would like to set up a connection, 
with the manager application outputting "HUGO" as the initiator for the desired 
connection, and asserting that its identification word is "ABCD1#". The central 
authentication checking device 20 then compares these data with the original 
authentication data, already stored in the central authentication databank 10, for the 
FTAM communication protocol and the "HUGO" initiator. If there is a match, the 
connection is allowed to be set up. 

Please replace the paragraph beginning on hne 1 of page 10 with the following 
rewritten paragraph: 

The central authentication checking device 20 carries out the authentication 
check, which is described by way of example for the FTAM communication protocol, 
in the same way for the other communication protocols used. In this instance, in each 
individual case, it accesses the central authentication databank 10, in which the 
authentication data for the communication protocols are stored. 
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